
6. A copy of the International Application as filed (35 USC 371(c)(2)).
b. has been transmitted by the International Bureau.
A translation of the International Application into English (35 USC 371(c)(2)).

7. Amendments to the claims of the International Application under PCT Article 19 (35 USC 371(c)(3))
13. A FIRST preliminary amendment.

□ A SECOND or SUBSEQUENT preliminary amendment.

14. □ A substitute specification.

15. A change of power of attorney and/or address letter.

16. Other items or information: 1 sheet formal drawing






JC10 Rec'd PCT/PTO 07 NOV 2001



Application Number (if known): 09/926460

International Application Number: PCT/EP00/04141

Attorney's Docket Number: RICH3001/JEK

PTO USE ONLY



17. The following fees are submitted: 
but International Search Fee paid to USPTO (37 CFR 1.445(a)(2)) $740.00
International Search Fee (37 CFR 1.445(a)(2)) paid to USPTO $1040.00

International Preliminary Examination Fee paid to USPTO (37 CFR 1.482)

IN THE UNITED STATES PATENT AND TRADEMARK OFFICE

International Patent Application No. PCT/EP00/04141

PCT/DO/EO/US

International Filing Date: 09 May 2000

Attorney Docket: RICH3001/JEK

Applicant: Oliver RICHTER

For: DEVICE FOR PROTECTING THE INITIAL UTILIZATION OF A PROCESSOR/CHIP CARD

PRELIMINARY AMENDMENT

Commissioner for Patents
Washington, D.C. 20231

Sir:

This paper accompanies documents submitted to establish the U.S. national stage of the
above-identified international patent application under 35 U.S.C. §371.

The claims were not amended during the international phase. Before calculation of the
filing fee and before examination, please amend the application as follows:

IN THE CLAIMS:

Please amend claims 1 - 9 as shown on the appended APPENDIX OF CLAIMS. Also
appended hereto is an APPENDIX OF MARKED UP CLAIMS showing the changes which have
been made.

REMARKS

All rights are reserved to the original claimed subject matter. The claims have been
amended to reduce the filing fees and to better conform to U.S. claim format. Examination of
the application as amended is respectfully requested.

Respectfully submitted,
BACON & THOMAS, PLLC

J. ERNEST KENNEY
Attorney for Applicant
Registration No. 19,179

Alexandria, VA 22314-1176
Telephone: (703) 683-0500
Facsimile: (703) 683-1080

Date: November 6, 2001

International Application No. PCT/EP00/04141
Attorney Docket No.: RICH3001/JEK 

APPENDIX OF CLAIMS 

1 (Amended). A method for putting into operation a processor smart card for 
a network for communication, for example a GSM network, wherein the card user 
must identify himself with respect to the processor smart card (SIM) by a personal 
identification number, comprising the steps: 

- for execution control of the first use, the processor smart card is first 
provided by the card manufacturer or card personalizer with an additional application,
preferably using the SIM Application Toolkit, which prevents its use in the network, 
instead allowing only local use by means of a card reader or card terminal, preferably 
a mobile phone device, and 

- upon the first use of the processor smart card, the application outputs 
without a further check of a secret number a display signal for the first use and a 
request for confirmation, and 

- after receiving a confirmation signal the additional application is 
deactivated or its execution so changed that upon the next use of the card a display 
signal is outputted to indicate that the card has already been put into operation and 
the use of the processor smart card in the network is enabled. 

2 (Amended). The method according to claim 1, wherein a personal
identification number previously defined, preferably by the card manufacturer or card 
personalizer, must be inputted for activating the additional application. 

3 (Amended). The method according to claim 1 or 2, wherein the entry of a
personal identification number (PIN) and/or a secret number (PUK) for changing or 
unblocking the personal identification number (PIN) is requested after the first use 
of the card and prior to the deactivation or change of state of the additional 
application. 

4 (Amended). The method according to any of claims 1 or 2, wherein some
or all personal identification numbers on the card were already personalized on the
processor smart card by the card manufacturer and said numbers are indicated upon
the first use for later use on the card reader or card terminal, preferably a mobile 
phone device. 

5 (Amended). The method according to claim 1, wherein some or all personal
identification numbers on the card are set by a random-number generator built into 
the card and said numbers are indicated during the first use on the card reader or 
card terminal, preferably a mobile phone device. 

6 (Amended). The method according to claim 1, wherein some or all personal
identification numbers are combined for transmission to the network, preferably in 
encrypted form via a data channel, and sent immediately or at a later time to a 
central place at the network operator or network service provider. 

7 (Amended). The method according to claim 1, wherein the secret numbers
to be defined at the first putting into operation are used not for the purpose of 
protecting the network application but for protecting an additional application, 
preferably a SIM Application Toolkit application, on the SIM card. 

8 (Amended). The method according to claim 1, wherein information, on the
first use of the processor smart card and on the personal identification numbers is 
outputted or inputted via the hearing or speaking devices of the card reader, the card 
terminal or preferably the mobile phone device. 

9 (Amended). A smart card comprising a microprocessor (µP), a memory area
(M) and an interface (S) each connected with the microprocessor (µP), and further
comprising a memory area (A) where an application for the execution control of the
first use of the smart card is stored, and a secret memory area (Mg) where data
on said application are stored in protected fashion.

APPENDIX OF MARKED UP VERSION OF CLAIMS

1 (Amended). A method for putting into operation a processor smart card for 
a network for communication, [preferably] for example a GSM network, wherein the 
card user must identify himself with respect to the processor smart card (SIM) by a 
personal identification number, [characterized in that] comprising the steps: 

- for execution control of the first use, the processor smart card is first 
provided by the card manufacturer or card personalizer with an additional application,
preferably using the SIM Application Toolkit, which prevents its use in the network, 
instead allowing only local use by means of a card reader or card terminal, preferably 
a mobile phone device, and 

- upon the first use of the processor smart card, the application outputs 
without a further check of a secret number a display signal for the first use and a 
request for confirmation, and 

- after receiving a confirmation signal the additional application is 
deactivated or its execution so changed that upon the next use of the card a display 
signal is outputted to indicate that the card has already been put into operation and 
the use of the processor smart card in the network is enabled. 

2 (Amended). [A] The method according to claim 1, [characterized in that]
wherein a personal identification number previously defined, preferably by the card 
manufacturer or card personalizer, must be inputted for activating the additional 
application. 

3 (Amended). [A] The method according to claim 1 or 2, [characterized in that]
wherein the entry of a personal identification number (PIN) and/or a secret number 
(PUK) for changing or unblocking the personal identification number (PIN) is 
requested after the first use of the card and prior to the deactivation or change of 
state of the additional application. 

4 (Amended). [A] The method according to any of claims 1 [to 3, characterized
in that] or 2, wherein some or all personal identification numbers on the card were
already personalized on the processor smart card by the card manufacturer and said 
numbers are indicated upon the first use for later use on the card reader or card 
terminal, preferably a mobile phone device. 

5 (Amended). [A] The method according to [any of claims 1 to 4, characterized
in that] claim 1, wherein some or all personal identification numbers on the card are
set by a random-number generator built into the card and said numbers are indicated 
during the first use on the card reader or card terminal, preferably a mobile phone 
device. 

6 (Amended). [A] The method according to [any of claims 1 to 5, characterized
in that] claim 1, wherein some or all personal identification numbers are combined
for transmission to the network, preferably in encrypted form via a data channel, and 
sent immediately or at a later time to a central place at the network operator or 
network service provider. 

7 (Amended). [A] The method according to [any of claims 1 to 6, characterized
in that] claim 1, wherein the secret numbers to be defined at the first putting into
operation are used not for the purpose of protecting the network application but for 
protecting an additional application, preferably a SIM Application Toolkit application, 
on the SIM card. 

8 (Amended). [A] The method according to [any of claims 1 to 7, characterized
in that] claim 1, wherein information, on the first use of the processor smart card and 
on the personal identification numbers is outputted or inputted via the hearing or 
speaking devices of the card reader, the card terminal or preferably the mobile 
phone device. 

9 (Amended). A smart card [having] comprising a microprocessor (µP), a
memory area (M) and an interface (S) each connected with the microprocessor (µP),
[characterized by] and further comprising a memory area (A) where an application
for the execution control of the first use of the smart card is stored, and a secret
memory area (Mg) where data on said application are stored in protected fashion.

Device for protecting the first use of a processor smart card



This invention relates to a method for protection from attacks on a processor 
smart card or from its unauthorized use in a network for communication, preferably 
a GSM network, according to the preamble of claim 1, and to a corresponding smart 
card according to the preamble of claim 9. 

In GSM systems it is known that for using the smart card (Subscriber Identity 
Module SIM) the card user must first identify himself as a legitimate user by means 
of a Personal Identification Number (PIN). To avoid abuse at this point it is known 
to transmit the PIN to the card user by having PIN/PUK letters produced by the card 
manufacturer or card personalizer and handing over said PIN/PUK letters to the card 
user. 

Another, system-relevant security measure is the sealing of the PIN/PUK letter 
by the card manufacturer or card personalizer. The intactness of the seal on the 
PIN/PUK letter indicates to the card user that the secret numbers applied to the 
PIN/PUK letter by the card manufacturer cannot be known to any other card user. 
Since the secret numbers on the PIN/PUK letter were chosen randomly by the card 
manufacturer or card personalizer and are stored only in the secret memory of the 
SIM card, the card user can assume that by opening the PIN/PUK letter only he
himself acquires knowledge of the secret numbers.

To avoid abuse upon PIN entry, it is known for PIN entry to provide an error
counter that temporarily prevents further use of the card when a permissible number
of abortive attempts is exceeded. To protect from unnecessary blocking of a card by
inadvertent false entry of the PIN, it is known to provide on the card a Personal
Unblocking Key (PUK) which can be used to define a new PIN and which reenables
the card for use in the network. To avoid abuse upon PUK entry, it is known to
provide an error counter which definitively prevents further use of the card when a
permissible number of abortive attempts is exceeded.
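
The two error counters described above can be modelled as follows. This is an added example, not code from the patent: the attempt limits (3 and 10), the 8-byte code buffers, the sample codes and all function names are assumptions, and charging the attempt before the comparison is a design choice of this example.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PIN_TRIES 3   /* assumed limits; the page gives no numbers */
#define PUK_TRIES 10
#define CODE_LEN  8   /* fixed-width buffers, padded with 0xFF */

typedef enum { RES_OK, RES_WRONG, RES_PIN_BLOCKED, RES_CARD_DEAD } pin_result;

typedef struct {
    uint8_t pin[CODE_LEN], puk[CODE_LEN];
    uint8_t pin_left, puk_left;          /* remaining attempts */
} pin_card;

/* Pad a digit string into a fixed-width buffer. Over-long input becomes
   an all-zero buffer that matches no validly stored code. */
static void load_code(uint8_t *dst, const char *digits) {
    size_t n = strlen(digits);
    memset(dst, n > CODE_LEN ? 0x00 : 0xFF, CODE_LEN);
    if (n <= CODE_LEN) memcpy(dst, digits, n);
}

/* Compare every byte, with no early exit on the first mismatch. */
static bool same_code(const uint8_t *a, const uint8_t *b) {
    uint8_t diff = 0;
    for (int i = 0; i < CODE_LEN; i++) diff |= (uint8_t)(a[i] ^ b[i]);
    return diff == 0;
}

void pin_card_init(pin_card *c, const char *pin, const char *puk) {
    load_code(c->pin, pin);
    load_code(c->puk, puk);
    c->pin_left = PIN_TRIES;
    c->puk_left = PUK_TRIES;
}

pin_result verify_pin(pin_card *c, const char *entry) {
    uint8_t e[CODE_LEN];
    if (c->pin_left == 0) return RES_PIN_BLOCKED;   /* even for the right PIN */
    load_code(e, entry);
    c->pin_left--;                    /* charge the attempt before comparing */
    if (!same_code(e, c->pin))
        return c->pin_left ? RES_WRONG : RES_PIN_BLOCKED;
    c->pin_left = PIN_TRIES;          /* success resets the counter */
    return RES_OK;
}

pin_result unblock_pin(pin_card *c, const char *puk, const char *new_pin) {
    uint8_t e[CODE_LEN];
    if (c->puk_left == 0) return RES_CARD_DEAD;     /* definitive, no recovery */
    load_code(e, puk);
    c->puk_left--;
    if (!same_code(e, c->puk))
        return c->puk_left ? RES_WRONG : RES_CARD_DEAD;
    load_code(c->pin, new_pin);       /* the PUK defines a new PIN ... */
    c->pin_left = PIN_TRIES;          /* ... and re-enables the card */
    c->puk_left = PUK_TRIES;
    return RES_OK;
}

int main(void) {
    pin_card c;
    pin_card_init(&c, "1234", "87654321");          /* constructed sample codes */
    for (int i = 0; i < PIN_TRIES; i++) verify_pin(&c, "0000");
    printf("correct PIN while blocked: %d\n", verify_pin(&c, "1234"));
    printf("unblock with PUK: %d\n", unblock_pin(&c, "87654321", "4321"));
    printf("new PIN: %d\n", verify_pin(&c, "4321"));
    return 0;
}
```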

In the known prior art, the card user is given the possibility of replacing the 
PIN defined by the card manufacturer or card personalizer by a self-chosen value. 
The value of the PUK cannot be changed by the card user. To be able to inform the
card user of the PUK if the PIN/PUK letter is lost or inaccessible but the PIN
inadvertently blocked, it is known to store the PUK additionally in a data base centrally
with the network operator for all issued cards as a special service in some GSM
networks. At the card user's request and after a check of the card user's identity, the
PUK is transmitted to the card user for enabling the PIN.

Such a system also involves the danger that, by unauthorized opening of the
PIN/PUK letter and for example by reprinting of the PIN/PUK letter or by
manipulation of the PIN/PUK letter seal, the legitimate card user believes that he is the first
user of the card although an illegitimate card user has already put the card into
operation temporarily at the expense of the legitimate card user.

It is therefore the problem of the invention to provide a safe method for
protection from unnoticed opening of PIN/PUK letters by which the first user of the card is
notified of the first use of the card, as well as a corresponding smart card.

This problem is solved starting out from the features of the preambles of claims
1 and 9 by the respective characterizing features. Advantageous embodiments of the
invention are stated in the dependent claims.

The invention relates to a method for checking and displaying the first use of a 
processor smart card by means of an additional application on the processor smart 
card itself which controls or at least substantially influences all steps necessary for a 
safe check. 

An advantageous embodiment of the invention shows the use of the application 
to let the card user define secret keys required for authentication of the card user 
with respect to the card, or to transmit said keys to the card user, whereby the card 
remains transport-protected on the way between card manufacturer, card issuer and 
card user. 

Another advantageous use of the invention is the supplementing or
replacement of elaborate and sometimes cost-intensive methods for transport protection of
processor smart cards between card manufacturer and card user, for example
PIN/PUK letters, by the additional application in the processor smart card which
supplements or substantially performs the function of a PIN/PUK letter.



According to another advantageous embodiment, the invention can also be 
used as a component of a system executed in essential parts in the processor smart 
card itself for individual allocation and personalization of secret keys which are to 
be made accessible not only to the card user but also to the card issuer, e.g. a mobile 
phone network operator or network service provider. 

Another advantageous embodiment of the invention provides that when the
secret keys are defined by the card user himself, said secret keys are asked for several
times by the card user in order to avoid inadvertent false entry.

Alternatively or additionally, after the secret numbers have been defined by the 
card user or by the card itself a corresponding network component can be sent a 
message after which the first use of the card in the network is communicated or the 
value of the secret number transmitted. 

According to another advantageous embodiment of the invention, when the
card is first put into operation the secret numbers are additionally or alternatively
inputted or outputted via the speaking or hearing apparatus of the mobile phone
device, which can in particular facilitate and better protect the transmission or
definition of secret keys to or by visually handicapped card users.

Fig. 1 shows an example of smart card SIM having interface S for data
exchange with a mobile phone and microprocessor µP connected with application A
and memory M, Mg. Application A can be formed substantially as a SIM
Application Toolkit application and has been incorporated into the card by the card
manufacturer or card personalizer. The memory is divided into usual memory area M
where data can be read and written, and secret memory area Mg where at least the
information about the first use of the smart card is stored. When the card is put into
operation by a card user via interface S, the application checks by accessing secret
memory Mg whether this is the first use of the card.

Upon the first use of the card, the card user is informed by application A and 
asked to confirm the putting into operation of the card. Upon positive confirmation 
by the card user, the application changes the information about first use in secret 
memory Mg, thereby changing its behavior when the card is put into operation again 
later. 
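
The first-use check performed by application A against secret memory Mg can be modelled as a one-way state machine. This is an added example, not code from the patent: the state patterns, the fault state for an unreadable cell and all names are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed state patterns (assumption): chosen so that an erased or
   corrupted cell matches neither state and the card fails closed. */
#define ST_FIRST_USE_PENDING 0xA5C3u
#define ST_IN_OPERATION      0x3C5Au

typedef enum {
    MSG_FIRST_USE_CONFIRM,     /* "first use, please confirm" */
    MSG_ALREADY_IN_OPERATION,  /* "card has already been put into operation" */
    MSG_CARD_FAULT             /* state unreadable: no network use */
} display_msg;

typedef struct {
    uint16_t first_use_state;  /* held in secret memory Mg */
    bool network_enabled;      /* recomputed at every power-on */
} sim_card;

/* Card manufacturer or personalizer: ship with application A armed. */
void card_personalize(sim_card *c) {
    c->first_use_state = ST_FIRST_USE_PENDING;
    c->network_enabled = false;
}

/* Application A at power-on: read Mg and decide what to display. */
display_msg card_power_on(sim_card *c) {
    c->network_enabled = false;
    if (c->first_use_state == ST_FIRST_USE_PENDING)
        return MSG_FIRST_USE_CONFIRM;          /* local use only */
    if (c->first_use_state == ST_IN_OPERATION) {
        c->network_enabled = true;
        return MSG_ALREADY_IN_OPERATION;
    }
    return MSG_CARD_FAULT;
}

/* Confirmation signal from the terminal. The transition is one-way:
   nothing in this interface returns the card to the pending state. */
bool card_confirm_first_use(sim_card *c, bool user_confirms) {
    if (c->first_use_state != ST_FIRST_USE_PENDING || !user_confirms)
        return false;
    c->first_use_state = ST_IN_OPERATION;
    c->network_enabled = true;
    return true;
}

/* What the legitimate owner sees at their own first power-on, depending
   on whether someone else already put the card into operation. */
display_msg owner_first_view(bool used_in_transit) {
    sim_card c;
    card_personalize(&c);
    if (used_in_transit) {
        card_power_on(&c);
        card_confirm_first_use(&c, true);
    }
    return card_power_on(&c);
}

int main(void) {
    printf("untouched card:       %d\n", owner_first_view(false));
    printf("card used in transit: %d\n", owner_first_view(true));
    return 0;
}
```

Unlike a resealed PIN/PUK letter, the state in Mg cannot be restored from outside the card, so the owner of a card used in transit sees the "already put into operation" message.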

1. A method for putting into operation a processor smart card for a network for
communication, preferably a GSM network, wherein the card user must
identify himself with respect to the processor smart card (SIM) by a personal
identification number, characterized in that

for execution control of the first use, the processor smart card is first
provided by the card manufacturer or card personalizer with an additional
application, preferably using the SIM Application Toolkit, which
prevents its use in the network, instead allowing only local use by means of a
card reader or card terminal, preferably a mobile phone device, and

upon the first use of the processor smart card, the application outputs
without a further check of a secret number a display signal for the first
use and a request for confirmation, and

after receiving a confirmation signal the additional application is
deactivated or its execution so changed that upon the next use of the card a
display signal is outputted to indicate that the card has already been put into
operation and the use of the processor smart card in the network is
enabled.

2. A method according to claim 1, characterized in that a personal identification
number previously defined, preferably by the card manufacturer or card
personalizer, must be inputted for activating the additional application.

3. A method according to claim 1 or 2, characterized in that the entry of a
personal identification number (PIN) and/or a secret number (PUK) for changing
or unblocking the personal identification number (PIN) is requested after the
first use of the card and prior to the deactivation or change of state of the
additional application.

4. A method according to any of claims 1 to 3, characterized in that some or all
personal identification numbers on the card were already personalized on the
processor smart card by the card manufacturer and said numbers are indicated
upon the first use for later use on the card reader or card terminal, preferably a
mobile phone device.

5. A method according to any of claims 1 to 4, characterized in that some or all
personal identification numbers on the card are set by a random-number
generator built into the card and said numbers are indicated during the first use on
the card reader or card terminal, preferably a mobile phone device.

6. A method according to any of claims 1 to 5, characterized in that some or all
personal identification numbers are combined for transmission to the network,
preferably in encrypted form via a data channel, and sent immediately or at a
later time to a central place at the network operator or network service
provider.

7. A method according to any of claims 1 to 6, characterized in that the secret
numbers to be defined at the first putting into operation are used not for the
purpose of protecting the network application but for protecting an additional
application, preferably a SIM Application Toolkit application, on the SIM
card.

8. A method according to any of claims 1 to 7, characterized in that information
on the first use of the processor smart card and on the personal identification
numbers is outputted or inputted via the hearing or speaking devices of the
card reader, the card terminal or preferably the mobile phone device.

9. A smart card having a microprocessor (µP), a memory area (M) and an
interface (S) each connected with the microprocessor (µP), characterized by a
memory area (A) where an application for the execution control of the first use
of the smart card is stored, and a secret memory area (Mg) where data on said
application are stored in protected fashion.